Getting Data In

Community Activity

Splunk DB Input causing ORACLE temp space to fill up We have a weird case our DBA and splunk team is trying to resolve; Our DBAs are seeing 124M of usage increasing ro... by dlovett Path Finder in Getting Data In 06-02-2014 1 4	1	4
Need help troubleshooting oneshot I'm trying to get an archival datafile into the indexes via oneshot. Current directory = C:\Program Files\SplunkUniv... by cgregors Engager in Getting Data In 06-02-2014 0 1	0	1
IIS Logs - Format Question I have added some IIS logs to Splunk via the "Files and Directories" input. While I can query the raw data it does n... by JoshuaThompson New Member in Getting Data In 06-02-2014 0 4	0	4
iplocation command not working Hi, I am using splunk enterprise 6.0 and i used iplocation command on a index using the following command and it jus... by krish3 Contributor in Getting Data In 06-02-2014 0 1	0	1
IIS Logs - Query to report on file downloads Hello, I am currently using a trial version of Splunk 6.1 Enterprise. I am looking for a query that will create a r... by JoshuaThompson New Member in Getting Data In 06-02-2014 0 6	0	6
monitor stanza in Windows I want to monitor the following C:\Users\...\AppData\Local\Microsoft\Windows\Burn sometimes with the Burn director... by mcbradford Contributor in Getting Data In 06-02-2014 0 3	0	3
indexer DNS in forwarder Hi, I wanted to know should we use DNS entrie for indexer in forwarder configuration. e.g. [tcpout:default-autolb-... by rameshlpatel Communicator in Getting Data In 06-02-2014 0 1	0	1
Splunk 6.1.1 upgrade from 6.0.3 Windows Splunk license agreement was not accepted. If installing silently, please pass AGREEMENTOLICENSE=Yes We were initially trying to upgrade from 6.0.3 to 6.1.1. However, we keep receiving the following message, "Splunk l... by rainhailrob Path Finder in Getting Data In 06-02-2014 0 3	0	3
password doesnt work after installing forwarder I am obviously doing something wrong, but this is twice now, i have installed the forwarder for Windows, and changes ... by bryancampbell New Member in Getting Data In 05-30-2014 0 1	0	1
Setting Timezone based on hostname extracted with regex I have to upload data from different sources (collected manually) and upload to a splunk indexer. The files are copie... by Krishna_R Path Finder in Getting Data In 05-30-2014 1 6	1	6
Restriking indexed items I have a question on how to restrict what goes into an index. I have read a number of posts and documentation on how ... by david_fresne New Member in Getting Data In 05-30-2014 0 5	0	5
Find events from two source, when ip1=ip2 Hello! I have two source. First is IPS, second is ASA. I want to find unique IP address ("dest_ip") with signature 2... by dbabanov Path Finder in Getting Data In 05-30-2014 0 4	0	4
2 Indexer and Summary Hi, I have 2 Indexer and 1 SearchHead. Where should the data from my summary of the SH or the Indexer? ... by erick_costa Path Finder in Getting Data In 05-29-2014 0 2	0	2
UF 6.0.2 on Windows 2008 R2: could not get description for this event I see this was a known issue with older versions of the Universal Forwarder but I keep getting these error messages o... by FloydATC Explorer in Getting Data In 05-29-2014 0 5	0	5
SA-ModularInput-PowerShell problem. hi, Im trying to use this app (as per tutorial from http://blogs.splunk.com/2013/06/24/monitoring-processes-on-window... by mic1024 Path Finder in Getting Data In 05-29-2014 0 1	0	1
How to specify the numbers of indexers in an Environment Setup ? Hi I am creating a new environment including around 300 Linux machines and around 50 Windows servers.I will be instal... by nrjsh1988 New Member in Getting Data In 05-29-2014 0 10	0	10
Exchange Add-On Duplicated Logs Hello, I installed splunk universal forwarder and the Exchange2010-Mailbox app to collect Exchange Auditing data. I ... by caroline_fortun Explorer in Getting Data In 05-28-2014 0 5	0	5
switch forwarders to new indexer Hi, I have existing indexer with 6.0 version and same version for all forwarders. Now we got new splunk physical s... by rameshlpatel Communicator in Getting Data In 05-28-2014 0 7	0	7
Splunk using PAT Is it possible to hide multiple forwarders (on separate machines) behind one single PAT address without confusing the... by rdownie Communicator in Getting Data In 05-28-2014 1 1	1	1
CSV Timestamp Problem Hi, I have a problem with extracting the timestamp from an csv file. Somehow Splunk recognizes the DATE as Date and... by harald_leitl Path Finder in Getting Data In 05-28-2014 0 3	0	3
How do i Apply Timestamp, Timechart, Date time picker to multiple dateTime fields I am doing a search of a series of CSV files in a single folder. The layout of these files is identical This File has... by ncorby New Member in Getting Data In 05-28-2014 0 1	0	1
Open TCP Connections from forwarders to indexer When watching the network traffic from a Splunk Universal Forwarder to a Indexer there appears to be two connections.... by dshakespeare_sp Splunk Employee in Getting Data In 05-28-2014 0 2	0	2
Korean character is broken when I export the query results in .csv file When I export the query results in .csv file using export function, the Korean character is broken. I found out the ... by yschoi Engager in Getting Data In 05-27-2014 0 2	0	2
Does an increase in the number of Indexers require more storage? Hello, I'm talking about the DB locations that are remote. The amount of incoming data is not changing and we are on... by glancaster Path Finder in Getting Data In 05-27-2014 0 2	0	2
How do I define a stanza that applies to all stanzas in the same inputs.conf file? I could have sworn it was [] but that did not seem to work, nor did [*] I do not want to use [default] because I don... by neiljpeterson Communicator in Getting Data In 05-27-2014 0 2	0	2